Transparent TCP-to-SCTP Translation Shim Layer

EuroBSDCon 2007 / Copenhagen, Denmark
Ryan Bickhart
[email protected]
Protocol · Engineering · Laboratory
University of Delaware

SCTP: Stream Control Transmission Protocol
[Figure: protocol stack (Application, Transport, Network, Data Link, Physical), with TCP, SCTP and UDP at the Transport Layer]
SCTP Characteristics:
- Connection-oriented
- Reliable
- TCP-friendly congestion control
- Message-based
- Partial reliability extension
- Multistreaming ability
- Multihoming support
For SCTP protocol specifics, see RFC 2960

Shim Concept Explained
- TCP-to-SCTP translation: kernel will map calls to TCP to equivalent calls to SCTP
- Transparent: applications will not be aware the TCP-to-SCTP translation is even happening – kernel will trick them
- Shim layer: decision logic to control SCTP use will be inserted into existing kernel

Outline
- Motivations
- Implementation overview
- Controlling the shim
- Experimental results
- Challenges and future work
- Demo

Multiple Addresses in TCP
[Figure: Host A (addresses A1, A2) and Host B (addresses B1, B2), each address attached through its own ISP to the Internet]
TCP: Hosts choose 1 of 4 possible connections
(A1, B1) or (A1, B2) or (A2, B2) or (A2, B1)

SCTP Multihoming
[Figure: Host A (addresses A1, A2) and Host B (addresses B1, B2), each address attached through its own ISP to the Internet]
SCTP: 1 association incorporating all addresses
({A1, A2}, {B1, B2})

SCTP Multihoming Provides Fault Tolerance
[Figure: Host A (A1, A2) and Host B (B1, B2) connected through four ISPs across the Internet, with a Primary and an Alternate path marked]
- Primary and alternate destinations
- SCTP fails over to alternate if primary becomes unreachable

SCTP Concurrent Multipath Transfer (CMT)
Idea: Actively send data to all available destinations to increase throughput
[Figure: Host A (A1, A2) and Host B (B1, B2) connected through four ISPs across the Internet]
- Solves problem of usable destinations sitting idle
- Current research by Janardhan Iyengar (see links at end)

Motivations to Migrate from TCP to SCTP
Increase application fault tolerance and reliability:
- SCTP Multihoming
Increase application throughput:
- SCTP Concurrent Multipath Transfer
How to take advantage of SCTP benefits?
- Rewrite all existing TCP applications – lots of work
- Incremental deployment (“chicken and egg”) problem
Idea: translate system calls to TCP into equivalent calls to SCTP, using SCTP for end-to-end transport

Transparent TCP-to-SCTP Translation
[Figure: TCP Application above the Shim Translation Logic, which sits above TCP, SCTP and UDP in the Transport Layer]
- Translation from TCP to SCTP by shim layer is transparent to application – no modifications to applications whatsoever
- Initial implementation is in FreeBSD 4.10 kernel; currently porting to FreeBSD 7.0
- Why kernel versus user library – pros and cons?

Socket Layer / API
Maps protocol-independent requests from application to protocol-specific implementation in kernel
[Figure: Application, Socket Layer, Transport Layer, Network Layer, Data Link Layer and Physical Layer, with the User Space / Kernel Space boundary marked]

Sockets
Represent endpoint of network communication
    socket_desc = socket(domain, type, protocol);
    …
    connect(socket_desc, …);
    …
    send(socket_desc, …);
    recv(socket_desc, …);
    …
    close(socket_desc);
[Figure: Application holding socket descriptors; the kernel's Descriptor Table maps them to Socket objects]

Socket-Protocol Binding
Socket fields:
- Protocol (TCP, UDP, SCTP, etc)
- Configuration information (socket options, etc)
- State (connected, disconnecting, etc)
- I/O buffers (sending, receiving)
Socket is “attached” to a protocol when created
    socket_desc = socket(domain, type, IPPROTO_TCP);
[Figure: socket object with Protocol, State, Configuration, Send Buffer and Receive Buffer fields; the Protocol field points to the TCP Protocol Module Interface]

Hidden SCTP Shim Socket
New fields created to support shim: Hidden Socket, Shim State, Shim Parent
[Figure: TCP Socket (Protocol, State, Configuration, Send Buffer, Receive Buffer, plus the new shim fields) attached to the TCP Protocol Module Interface, beside the Hidden SCTP Socket with the same fields attached to the SCTP Protocol Module Interface]

Socket Layer in Detail
[Figure: in user space, the Application makes a function call to the Socket System Call Stubs; a system call crosses into kernel space to the Socket System Call Implementations, which make function calls to the Socket Layer Functions, which make function calls to the Transport Protocol Modules (TCP, SCTP, UDP)]

Hidden Socket Substitution
[Figure: Application and Socket System Call Stubs (user space) operate on socket descriptors; Socket System Call Implementations (kernel space) use the Descriptor Table to reach the normal TCP socket or the hidden SCTP shim socket; Socket Layer Functions and Transport Protocol Modules operate on socket objects]
Either TCP socket or hidden SCTP socket is passed to lower layers

Normal TCP / Hidden SCTP Socket Use
Generic requests (connect, send, recv, etc…) are mapped to a protocol-specific implementation:
- Normal TCP socket, TCP protocol interface: connect → tcp_connect(), send → tcp_send(), recv → tcp_recv(), ...
- Hidden SCTP shim socket, SCTP protocol interface: connect → sctp_connect(), send → sctp_send(), recv → sctp_recv(), ...

Client Connecting with Shim Enabled
[Figure: TCP client application calls connect(); the shim logic in the connecting client sits above SCTP and TCP in the transport layer, facing the listening server's SCTP and TCP]
Client tries connecting with SCTP first and falls back to TCP if SCTP does not work

Server Bind/Listen with Shim Enabled
Flow of typical server application: create socket, bind socket to address/port, enable listening on socket, serve clients that connect
Step 1: Server binds socket to address and both TCP and SCTP ports
- TCP server application calls bind(); shim logic duplicates the call for both protocols
- Server binds to address and TCP port
- Server binds to address and SCTP port
Step 2: Server listens on both TCP and SCTP sockets
- TCP server application calls listen(); shim logic duplicates the call for both protocols
- Server listens for client connections from TCP
- Server listens for client connections from SCTP

TCP and SCTP Listening Sockets
[Figure: the application's bind(), listen() and accept() calls act on the normal listening TCP server socket; a hidden listening SCTP server socket is linked to it by the shim parent pointer; TCP connections and SCTP associations arriving from the network create new TCP and new SCTP client sockets, which are returned to the application via accept()]
Step 3: Server accepts client sockets and handles their requests

Controlling Shim Operation
Global on/off switch for shim lacks precision – every application has same setting
Administrators need finer control
Solution: selectively enable/disable shim on per-application basis using rules
Rules match application network use based on:
- Addresses
- Subnets
- Port numbers or ranges

Rule Format
Shim Rule fields: Chain | Policy | IP Address | Subnet/Mask | Port[:Range]
Chain
- Local: Rule for local listening (server) sockets
- Remote: Rule for connecting (client) sockets to remote endpoints
Policy
- Enable: Shim enabled if rules match
- Disable: Shim disabled if rules match
If address, subnet, or port matches rule, use rule’s policy, else use global default policy

Rules Semantics
Chain    Policy    IP Address     Subnet/Mask    Port[:Range]
Local    Enable    --             --/--          80
  Matches applications using listening (server) socket that is bound to any address and port 80
Remote   Enable    --             10.1.1.0/24    --
  Matches applications connecting to remote host on 10.1.1.0/24 subnet on any port
Remote   Disable   128.4.30.25    --/--          8000:9000
  Matches applications connecting to 128.4.30.25 on any port in the range 8000 to 9000

Shim Rules Table Design
[Figure: rules table organized as four chains (Remote Disable, Remote Enable, Local Disable, Local Enable), each a list of rules, with example entries for address 10.1.2.3 and port 22]
Suppose application calls:
    connect(10.1.2.3 port 22);
First match along chain is policy used
Global Remote Policy: Disable
Global Local Policy: Disable

Shim Administrative Practices
Shim rules system allows policies to fit needs of individual sites
Default local/remote policies regulate how aggressively the system attempts to use shim
Fine tune default settings with rules:
- Enable or disable shim for specific applications
- Ensure that most restrictive rules appear earlier in chains than less restrictive rules
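
An added example (not code from the shim or the talk) of the lookup the rule slides describe: rules are checked in order, the first match sets the policy, and the global default applies otherwise. It assumes a rule matches only when every field it specifies matches, with "--" as a wildcard (the reading the three example rules suggest), and it uses one ordered list instead of the four-chain layout; the last two table entries and all identifiers are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum chain  { LOCAL, REMOTE };
enum policy { DISABLE, ENABLE };

/* One shim rule. mask == 0 is the "--" address wildcard;
 * port range 0..65535 is the "--" port wildcard. */
struct shim_rule {
    enum chain  chain;
    enum policy policy;
    uint32_t    net, mask;          /* host byte order */
    uint16_t    port_lo, port_hi;   /* inclusive range */
};

#define IP4(a,b,c,d) (((uint32_t)(a)<<24)|((uint32_t)(b)<<16)|((uint32_t)(c)<<8)|(uint32_t)(d))
#define HOST     0xffffffffu
#define ANY_PORT 0, 65535

/* First three entries: the example rules from the slides.
 * Last two: constructed, a specific enable ahead of a broad disable. */
static const struct shim_rule rules[] = {
    { LOCAL,  ENABLE,  0,                0,           80,   80   },
    { REMOTE, ENABLE,  IP4(10,1,1,0),    0xffffff00u, ANY_PORT   },
    { REMOTE, DISABLE, IP4(128,4,30,25), HOST,        8000, 9000 },
    { REMOTE, ENABLE,  IP4(10,1,2,3),    HOST,        22,   22   },
    { REMOTE, DISABLE, 0,                0,           22,   22   },
};
#define NRULES (sizeof rules / sizeof rules[0])

enum policy shim_decide(const struct shim_rule *r, size_t n, enum chain c,
                        uint32_t addr, uint16_t port, enum policy dflt)
{
    for (size_t i = 0; i < n; i++) {
        if (r[i].chain != c) continue;
        if ((addr & r[i].mask) != (r[i].net & r[i].mask)) continue;
        if (port < r[i].port_lo || port > r[i].port_hi) continue;
        return r[i].policy;   /* first match wins */
    }
    return dflt;              /* no match: global default policy */
}

int main(void)
{
    /* The lookup from the slides, with the global remote policy Disable. */
    enum policy p = shim_decide(rules, NRULES, REMOTE, IP4(10,1,2,3), 22, DISABLE);
    printf("connect(10.1.2.3 port 22): shim %s\n", p == ENABLE ? "enabled" : "disabled");
    return 0;
}
```

Swapping the last two entries puts the broad port-22 Disable rule first, and the 10.1.2.3 lookup then returns Disable, which is why the more restrictive rule has to come earlier.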

Experimental Results
So far, several applications verified to work as expected without modification running over shim:
- Telnet
- SSH
- HTTP using Apache server and Firefox browser
- Streaming audio using Icecast server and XMMS player
End user cannot distinguish between normal TCP and shim using SCTP (except by wiresharking!)
Two experiment configurations

TCP-SCTP-TCP Translation
[Figure: TCP Client and TCP Server applications in user space; in kernel space each host has UDP, TCP and SCTP sockets in the socket layer above the UDP, TCP and SCTP transport layer, and the two hosts' SCTP layers are joined by an association]
Telnet, SSH, HTTP (Apache + Firefox), streaming audio (Icecast + XMMS) work in this configuration!

TCP-SCTP Translation
[Figure: TCP Client and Native SCTP Server applications in user space; in kernel space each host has UDP, TCP and SCTP sockets in the socket layer above the UDP, TCP and SCTP transport layer, and the two hosts' SCTP layers are joined by an association]
HTTP (native SCTP-enabled Apache + regular Firefox) works in this configuration!

Performance Measurements
- Measuring file transfer time with scp over shim
- 1.5 Mbps / 35 ms latency path created using Dummynet running on FreeBSD 4.10; 50-packet tail drop queue
- Uniform random loss rates of {1%, 3%, 6%, 10%}
- File sizes of {50 KB, 500 KB, 5 MB, 25 MB}
- Average transfer times of 30 runs for all but 50 KB; 90 runs for 50 KB transfers due to higher variance

Performance Results

Interpretation of Results
For low loss rates (less than 3%) and short transfers (50 KB), TCP and SCTP perform similarly
At high loss rates for longer file transfers, SCTP clearly outperforms TCP
- Both protocols have AIMD congestion control
- SCTP uses SACK by default
- SCTP has Appropriate Byte Counting
Using the shim and SCTP provides performance no worse than TCP, and significantly better in some situations

Handling Nonblocking Connects
Shim is application-driven: when application requests action on a socket, hidden SCTP socket is used instead
What happens when action or response is asynchronous, like nonblocking connect?

Nonblocking Connect Events
[Figure: nonblocking connect timeline. TCP client application calls connect(), which returns immediately; the application continues and later calls select(). Labels at the shim logic between the connecting client and the listening server: poll(), returns writeable, blocking, "Kickstart TCP connect?"]

TCP’s Half-Closed State
TCP uses a 4-way handshake for closing the connection, which allows the connection to be in a half-closed state
SCTP uses a 3-way handshake for closing the association
Both TCP applications must call close before connection is torn down; only 1 SCTP application calling close will tear down the association
When is this a problem?

FTP Transfer over TCP
[Figure: message sequence. Solid lines: control connection; dashed lines: data connection]

FTP Transfer over SCTP
[Figure: message sequence. Solid lines: control connection; dashed lines: data connection]

Handling Half-Close with SCTP Shim
Some applications depend on specific knowledge of how TCP handles half-close to function correctly
Goal of transparent translation requires application behavior not be changed
Possible solution: emulate the TCP half-close semantics by passing state between the two endpoints using an unused SCTP data stream
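
An added example (not from the talk) of the application pattern that relies on TCP half-close: one end finishes sending with shutdown(SHUT_WR), the peer reads to EOF and only then replies on the direction that is still open. It uses an AF_UNIX stream socketpair as a stand-in for a TCP connection so that it runs offline; the payloads and the function name are constructed.

```c
#include <sys/socket.h>
#include <sys/types.h>
#include <unistd.h>

/* Returns the number of reply bytes the client end reads after it has
 * half-closed its sending direction, or -1 on any failure. */
ssize_t half_close_roundtrip(void)
{
    int sv[2];
    char buf[64];
    ssize_t n, got = -1;
    size_t req = 0;

    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0)
        return -1;

    /* Client: send the request, then mark its end with a half-close. */
    if (write(sv[0], "request\n", 8) != 8 || shutdown(sv[0], SHUT_WR) < 0)
        goto out;

    /* Server: EOF on read is how it learns the request is complete. */
    while ((n = read(sv[1], buf, sizeof buf)) > 0)
        req += (size_t)n;
    if (n < 0 || req != 8)
        goto out;

    /* Server: the reverse direction is still open, so the reply is delivered. */
    if (write(sv[1], "reply\n", 6) != 6)
        goto out;
    close(sv[1]);
    sv[1] = -1;

    /* Client: read the reply until the server's close produces EOF. */
    got = 0;
    while ((n = read(sv[0], buf, sizeof buf)) > 0)
        got += n;
    if (n < 0)
        got = -1;
out:
    close(sv[0]);
    if (sv[1] >= 0)
        close(sv[1]);
    return got;
}
```

If the first close-like action tore down both directions, as the slides say a single SCTP close does, the server's reply in the third step would have nowhere to go.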

Demo: Path Failure with TCP
[Figure: XMMS client (A1, A2) and Icecast streaming server (B1, B2) connected by the 10.1.1.0/24 and 192.168.1.0/24 networks, with the music stream carried between them]
Using TCP, connection fails and music stops
TCP cannot use other destinations

Demo: Path Failure with Shim using SCTP
[Figure: XMMS client (A1, A2) and Icecast streaming server (B1, B2) connected by the 10.1.1.0/24 and 192.168.1.0/24 networks, with the music stream carried between them]
Shim using SCTP fails over to alternate and playback continues uninterrupted

Further Reading
General SCTP information:
- RFC 2960 (Stream Control Transmission Protocol)
- RFC 3758 (Partial Reliability)
HTTP and FTP over SCTP:
- SCTP: An innovative transport layer protocol for the web
  http://www.cis.udel.edu/~amer/PEL/poc/pdf/WWW2006SCTPfortheWeb-natarajan.pdf
- Improving multiple file transfers using SCTP multistreaming
  http://www.cis.udel.edu/~amer/PEL/poc/pdf/IPCCC2004CORRECTED-FTP-over-SCTP-Natarajan-6-6-2005.pdf

Questions or Comments?
For more information about SCTP research:
- http://pel.cis.udel.edu
Concurrent Multipath Transfer (CMT)
- http://www.cis.udel.edu/~iyengar/publications/
Questions about transparent TCP-to-SCTP translation shim layer:
- [email protected]